Windows 远程管理服务仅在本地主机上监听

tag-icon tag-icon powershell
Windows 远程管理服务仅在本地主机上监听

我在使用 WinRM 时遇到了一个奇怪的问题。由于服务器迁移,机器获得了另一个 IP 地址。我无法让 WinRM 再次运行。我已启用 WinRM 服务,实际上它正在监听本地主机(端口 5985)。

C:\Windows\system32>winrm e winrm/config/listener
Listener
    Address = *
    Transport = HTTP
    Port = 5985
    Hostname
    Enabled = true
    URLPrefix = wsman
    CertificateThumbprint
    ListeningOn = 127.0.0.1, 192.168.80.54, ::1, fe80::100:7f:fffe%12, fe80::5efe:192.168.80.54%11, fe80::a140:a4a0:3b8f:e423%15

当我运行时test-wsman 127.0.0.1显示以下输出:

wsmid           : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor   : Microsoft Corporation
ProductVersion  : OS: 0.0.0 SP: 0.0 Stack: 2.0

当我运行test-wsman 192.168.80.54命令时没有成功:

Test-WSMan : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig".
At line:1 char:11
+ test-wsman <<<<  192.168.80.54
    + CategoryInfo          : InvalidOperation: (192.168.80.54:String) [Test-WSMan], InvalidOperationException
    + FullyQualifiedErrorId : WsManError,Microsoft.WSMan.Management.TestWSManCommand

我可以正常访问 192.168.80.58 上的另一台机器。我已经用 进行了检查netstat -a -n。看来 WinRM 正在监听 127.0.0.1:5985,而其他机器显示的是 0.0.0.1:5985。

我已经检查了 URL 保留,但这些看起来也很好:

Reserved URL            : http://+:47001/wsman/
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)

Reserved URL            : https://+:5986/wsman/
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)

Reserved URL            : http://+:5985/wsman/
    User: NT SERVICE\WinRM
        Listen: Yes
        Delegate: No
    User: NT SERVICE\Wecsvc
        Listen: Yes
        Delegate: No
        SDDL: D:(A;;GX;;;S-1-5-80-569256582-2953403351-2909559716-1301513147-412116970)(A;;GX;;;S-1-5-80-4059739203-877974739-1245631912-527174227-2996563517)

答案1

这台机器之前被分配了两个 IP 地址。为了防止 IIS 监听这两个 IP 地址,HTTP 配置已更改,因此它只会监听一个 IP 地址。您可以通过运行以下命令来显示 HTTP 驱动程序使用的 IP 地址:

C:\WINDOWS\system32> netsh http show iplisten

IP addresses present in the IP listen list:
-------------------------------------------

    127.0.0.1
    192.168.70.10

如果从列表中删除所有 IP 地址,则 HTTP.SYS 将使用所有 IP 地址,因此删除所有 IP 地址就足够了。

答案2

重新创建 HTTP 侦听器很可能会有所帮助。

在 PowerShell 中:

Remove-WSManInstance winrm/config/Listener -SelectorSet @{Address="*";Transport="http"}
New-WSManInstance winrm/config/Listener -SelectorSet @{Address="*";Transport="http"}

在命令提示符中:

winrm delete winrm/config/Listener?Address=*+Transport=HTTP
winrm create winrm/config/Listener?Address=*+Transport=HTTP

要使用特定地址,请使用Address="IP:YourIPAddress"语法。

注意:在上述命令中,你的IP地址占位符是您需要使用 IP 地址更改的值。

进一步阅读:

相关问题:仅允许从一个地址进行 PowerShell 远程处理

相关内容